Cybersecurity Subject Matter Expert

Posted Date 1 month ago (5/13/2021 2:46 PM)
Job ID
US-MD-College Park
Clearance Required

Position Description

Become part of the XLA team supporting the National Archives and Records Administration (NARA) located in College Park, MD. We are looking for a Cybersecurity Subject Matter Expert (SME) who will possess a broad knowledge of the domain including network security, system security, web-based application scanning, risk assessments, security engineering, etc. Experience working with Security Operations Center (SOC) type tools is highly desirable. The SME will support a Federal Civilian Agency with vulnerability management and incident response work with a major focus on reviewing cloud-based assets in Amazon Web Services (AWS). Team members have a large set of cross-functional abilities to support all aspects of Cyber Security.

  • Conduct vulnerability scans and assessments against agency information systems, web applications and web services
  • Review AWS implementations
  • Coordinate response, triage and recovery activities for security events affecting the agency’s information assets
  • Assist with expanding and maturing existing vulnerability management and incident response processes and activities.
  • Coordinate with system owners and IT operations to remediate and resolve issues discovered during security scans, system assessments, system audits, and cyber security investigations.
  • Conduct security assessments and testing for agency’s different cloud platform types (i.e., IaaS, SaaS, PaaS)
  • Conduct on-demand scans, assessments, and audits to assess the cyber security posture of the various on-premises and cloud-based NARA information systems.
  • Provide security engineering reviews and recommendations to agency System Owners and Information System Security Officers
  • Develop and implement technical solutions to help mitigate security vulnerabilities
  • Analyze network and host-based security logs to identify potential security threats
  • Develop/review documentation for Security Operations procedures



  • 15 years of cybersecurity engineering experience
  • Experience working in AWS (AWS Certified Security certification is a plus)
  • Industry Security Certifications such as CISSP, CASP, GCIA, GCIH, OSCP, etc. 
  • Experience with different aspects of security engineering including knowledge of network security, operating system security, database security, and web application technologies
  • Extensive knowledge of the Linux and Windows operating systems 
  • Strong understanding of TCP/IP protocol 
  • Strong troubleshooting skills
  • Ability to communicate technical information to non-technical users
  • Experience with some of the following types of technologies: SIEM (SecurityCenter, Splunk, etc.); Application or web content filtering; IDS/IPS 
  • Knowledge of security principles with cloud-based services such as AWS
  • 5+ years of experience in either a system or network administrator role
  • Experience with some of the following technologies: Tenable suite of tools, NetFlow, Snort, FireEye, etc.
  • Master’s Degree or other equivalent degree program

Preferred Additional Skills, Knowledge and Experience:

  • Master's degree with an IT or Computer Science focus
  • Security Architecture review experience
  • Scripting and automation (Python, UNIX shell, etc.)  
  • AWS Certifications with Security specialty
  • Penetration testing experience


  • Strong verbal and written communication skills 
  • Ability to work in a cross-functional team environment 
  • Flexible, dependable and self-motivated 
  • Willingness to learn new skills from peers

Clearance Requirement:

Ability to obtain Top Secret (TS)



